[Samba] NIS to SAMBA4 Migration

Gémes Géza geza at kzsdabas.hu
Fri Nov 23 23:01:22 MST 2012

> Hello Steve,
> The only way I have found to enable those options is to provision with
> "--use-rfc2307". We are performing an upgrade from Samba3 and I noticed
> that the options were not grayed out after performing a classicupgrade, but
> were grayed out after a "clean" provision. I finally figured out that the
> classicupgrade always uses the "--use-rfc2307" flag. This flag will add the
> option "idmap_ldb:use rfc2307 = yes" to your smb.conf, however, it has been
> my experience that adding that to smb.conf post-provision does not enable
> the UNIX Attributes options, so the provision option must do something
> else. I would like to know if there is a way to enable this after the fact,
> but I've not come up with anything yet. I need to complete further testing
> on the actual authentication of Linux clients, Apache, RADIUS and OpenVPN,
> but have run into a show-stopper with DNS replication and have moved all my
> efforts to this for the time being. I was able to get Linux clients
> authenticating via winbind, but this was before I found out about the
> "--use-rfc2307" option and winbind was using auto-generated UIDs and GIDs.
> Any notes you come up with would be greatly appreciated. Thanks, Thomas.
Provisioning with --use-rfc2307 also loads the "NIS" schema into AD and 
thus allows you to set that attributes via ADUC.
To do the same after provision you would need to import the schema after 
provision. The skeleton of it is in 
on a default install.


Geza Gemes
> On Fri, Nov 23, 2012 at 10:38 AM, Steve van Maanen <steve at starsphere.jp>wrote:
>> Hello everyone,
>> I am trying to figure out a way to migrate NIS maps to SAMBA4 (I want to
>> replace NIS with SAMAB4 for a Linux domain. I have researched a fair bit on
>> the web but have not found out any solutions and was hoping I could find
>> some help here. What I have found so far pertains to Windows
>> implementations of Active Directory.
>> Here are my questions.
>> 1) Is it possible with a default install of SAMBA4 or do I need to extend
>> the schema?
>> 2) I notice there is a Unix attributes tab for users, when using Active
>> Directory users and groups to administer the Samba4 AD, but I am unable to
>> change the properties. Is there any way I can enable this?
>> 3) Has anyone done this and if so, can you offer me some pointers?
>> Many thanks!
>> Steve
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list